<?php
class AuthController extends CI_Controller {
	
	function AuthController() {
		parent::__construct();
		$this->load->model('be/Auth_model');
	}
	
	function setPermission($username, $module, $value) {
		$current_permissions = $this->Auth_model->getPermissions($username);
		$current_permissions[$module] = $value;
		return $this->Auth_model->updatePermissions($username, $current_permissions);
	}
	
	function getPermissionLevel($username, $module) {
		$plevel = $this->Auth_model->getPermissionLevel($username, $module);
		return $plevel;
	}
	
	function updatePermissions($username, $new_permissions) {
		$current_permissions = $this->Auth_model->getPermissions($username);
		if(isset($new_permissions['overview'])) {
			$current_permissions['overview'] = $new_permissions['overview'];	
		}
		if(isset($new_permissions['provider'])) {
			$current_permissions['provider'] = $new_permissions['provider'];	
		}
		if(isset($new_permissions['category'])) {
			$current_permissions['category'] = $new_permissions['category'];	
		}
		if(isset($new_permissions['timepolicy'])) {
			$current_permissions['timepolicy'] = $new_permissions['timepolicy'];	
		}
		if(isset($new_permissions['pricepolicy'])) {
			$current_permissions['pricepolicy'] = $new_permissions['pricepolicy'];	
		}
		if(isset($new_permissions['customer'])) {
			$current_permissions['customer'] = $new_permissions['customer'];	
		}
		if(isset($new_permissions['visitor'])) {
			$current_permissions['visitor'] = $new_permissions['visitor'];	
		}
		if(isset($new_permissions['order'])) {
			$current_permissions['order'] = $new_permissions['order'];	
		}
		if(isset($new_permissions['cardtype'])) {
			$current_permissions['cardtype'] = $new_permissions['cardtype'];	
		}
		if(isset($new_permissions['card'])) {
			$current_permissions['card'] = $new_permissions['card'];	
		}
		if(isset($new_permissions['news'])) {
			$current_permissions['news'] = $new_permissions['news'];	
		}
		if(isset($new_permissions['slideshow'])) {
			$current_permissions['slideshow'] = $new_permissions['slideshow'];	
		}
		if(isset($new_permissions['syspages'])) {
			$current_permissions['syspages'] = $new_permissions['syspages'];	
		}
		if(isset($new_permissions['account'])) {
			$current_permissions['account'] = $new_permissions['account'];	
		}
		return $this->Auth_model->updatePermissions($username, $current_permissions);
	}
	
	function setPermissionAll($username, $level) {
		return $this->Auth_model->setPermissionAll($username, $level);
	}
	
	function getPermissions($username) {
		return $this->Auth_model->getPermissions($username);
	}
	
	function test($username) {
		$perm = $this->Auth_model->getPermissions($username); // permissions that set to $username in database
		echo ' overview->be4/  '.$perm['overview'].'<br>'; // change new level of module overview
		echo ' customer->be4/  '.$perm['customer'].'<br>'; // change new level of module customer
		$this->updatePermissions($username, array('overview'=>12, 'customer'=>25)); //do update permissions, database will be update
		$newp = $this->Auth_model->getPermissions($username); // check permissions now stored in database, after updating above
		echo ' overview->after/  '.$newp['overview'].'<br>'; // print new level of module overview
		echo ' customer->after  '.$newp['customer'].'<br>'; // print new level of module customer.
	}
	
	function can($do, $module) {
		$level = $this->getPermissionLevel($this->session->userdata('username'), $module);
		//echo 'do = ' . $do . '<p> module = ' . $module . '<p> level = ' . $level;
		
		if( $level == 0  ) {
			return false;
		}
		
		if($level >= 4) {
			return true;
		}
		
		if($level == 3) {
			if($do == 'view' || $do == 'add' || $do =='update') {
				return true;
			}else {
				return 0;
			}
		}
		
		if($level == 2) {
			if($do == 'view' ||  $do =='update') {
				return true;
			}else {
				return 0;
			}
		}
		
		if($level == 1) {
			if($do == 'view') {
				return true;
			}else {
				return 0;
			}
		}
	}
	
	function denied() {
		$data ['page_title'] = 'Từ chối!';
		$mess_detail = '<p>Bạn không có quyền truy cập trang này!</p><p>Hãy liên hệ với người quản trị.';
		$data ['message_detail'] = $mess_detail;
		$data['main_content'] = 'be/message';
		$this->load->view('be/includes/template', $data);
	}
}